CVE-2018-12383 log
Source |
|
Severity | Low |
Remote | No |
Type | Information disclosure |
Description | A security issue has been found in Thunderbird versions prior to 60.2.1. If a user saved passwords before the move to a new password format and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-782 | thunderbird | 60.0-4 | 60.2.1-1 | Critical | Fixed | FS#60424 |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
18 Oct 2018 | ASA-201810-13 | AVG-782 | thunderbird | Critical | multiple issues |
References |
---|
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383 https://bugzilla.mozilla.org/show_bug.cgi?id=1475775 |